Data Security
There are many reasons why attackers have set their sights on retailers. An increasing number of attack vectors as a result of multichannel strategies, BYOD, QR codes and mobile wallets, as well as vulnerable point-of-sale (POS) terminals, legacy systems and third parties in the supply chain are just a few reasons why retailers make good targets. It's impossible to prevent every single attack, but there are actions retailers can take to be more proactive when a breach happens. At the end of the day, a good offense is the best defense. Here are five steps retailers can take to handle a cyberattack to help identify and remove advanced threats quickly and prepare for any future attacks:
The remnants of RadioShack's retail empire went on the auction block on Monday, giving bidders the first chance to snap up the company's trademarks; patents; leases; and the names, email addresses and phone numbers of millions of RadioShack customers. For RadioShack itself, the stakes are enormous. Bloomberg News reported Tuesday morning that Standard General, a hedge fund that's one of RadioShack's creditors, has won the auction. Hanging in the balance on Thursday, when a federal bankruptcy court is expected to approve or reject the asset sale, is the continuation of the 94-year-old retailer's operations.
Target has agreed to pay $10 million in a proposed settlement of a class-action lawsuit related to its 2013 data breach that consumers say compromised their personal financial information, court documents show. Under the proposal, which requires federal court approval, Target will deposit the settlement amount into an interest-bearing escrow account, to pay individual victims up to $10,000 in damages. The proposal also requires Target to adopt and implement data security measures such as appointing a chief information security officer and maintaining a written information security program.
Phishing is but one attack vector for which retailers must be on the lookout. It's important to note that although the financial sector is a fan favorite of phishers, it's by no means the only target. Today, medical records stored at hospitals, clinics and insurance companies are being stolen and sold just like bank information. In fact, last year the going rate for medical records was up to 10 times higher than that of financial information. And although it likely won't ever produce thrilling stories like those of Dillinger or Bonnie and Clyde, phishing is one of the easiest, cheapest and most effective means of theft today.
Yesterday, Square announced a new program for merchants that protects them when customers dispute purchases. When buyers contest a charge on their credit or debit card, that money is immediately put on hold. That means the merchant loses the money generated from the sale as well as the product or service it sold. Square is giving merchants in the U.S. and Canada access to chargeback protection, which will cover the money being held in instances of fraud. Meaning, sellers won't lose out on sales that are being contested. Square will cover expenses related to sales disputes up to $250 per month.
Today's retail initiatives all seem to revolve around data. When we think about marketing automation, digital retailing and loyalty programs, they all have data at their core. Companies are looking to better understand their consumers so they can drive purchases and increase lifetime value.
A video threatening terrorist action at U.S. and other Western malls sent retailers’ emergency preparedness plans into action after it surfaced over the weekend. But the threat — which caused the Department of Homeland Security to warn American shoppers to stay vigilant, despite the fact that there's no known credible threat — isn't expected to dent traffic at shopping centers, which generated $2.5 trillion in sales last year.
Considering the high-profile data breaches and the very recent Sony email leaks, 2014 could be labeled "The Year of the Hacker." According to a recent Gallup poll, Americans’ No. 1 crime worry is hackers stealing their credit card information. In addition, cybercrime certainly hurts the U.S. economy — to the tune of more than $120 million each year. On Jan. 12, President Obama sent a cybersecurity bill to Congress, saying, "We've got to stay ahead of those who would do us harm." What follows are some payment security best practices that can help all merchants stay ahead of fraudsters:
Recent security breaches and new emerging payment alternatives such as Apple Pay and Google Wallet are expanding the exposure of personal information in ways that we haven't seen before. The key question that consumers are now asking is, "Do I trust you enough to share my personal information and will you keep it secure?"
eBay said it lost millions of dollars in ad revenue, according to The Australian. The newspaper said eBay filed a lawsuit against its former manager of ad operations and two of his associates. eBay alleges that the manager set up companies and appointed them to sell advertising space on eBay's site and in its email newsletters. "eBay claims they wrongfully profited by telling eBay they had sold the inventory at a particular rate while actually selling it for more, and pocketing the difference," the newspaper wrote.